OpenVPN Configuration (Was XP Linksys DHCP Hatred)

Chris Carey chris.carey at gmail.com
Fri Oct 28 02:11:08 MDT 2005


On 9/28/05, Hans Fugal <hans at fugal.net> wrote:
> On Tue, 27 Sep 2005 at 23:34 -0600, Derek wrote:
> >
> > Hans Fugal wrote:
> >
> > >Any ideas?
> > >
> > >
> > One simple setting to look at is the maximum number of DHCP users.  It
> > can be found about halfway down the basic setup page.  It defaults to
> > 50, but if you have had 50 clients or have changed it, that could be the
> > culprit.
> >
> > Also, I would launch ethereal on the XP machine and see what traffic it
> > is showing.  It might also be a wireless misconfiguration or the OpenVPN
> > service might be running causing some issues.  I have had several
> > problems getting WEP keys working on some cards.  Does it work hardwired?
>
> Hardwired is the problem - no wireless here. The laptop can get the
> neighbor's wireless, though.
>
> > You can reset the WINS server by entering 0.0.0.0 for the address,
> > assuming it is a WRT54G
>
> Tried that, it won't let me put 0 in the last field.
>
> --
>  Hans Fugal                 | If more of us valued food and cheer and
>  http://hans.fugal.net/     | song above hoarded gold, it would be a
>  http://gdmxml.fugal.net/   | merrier world.
>                             |         -- J.R.R. Tolkien
> ---------------------------------------------------------------------
> GnuPG Fingerprint: 6940 87C5 6610 567F 1E95  CB5E FC98 E8CD E0AA D460

This talk about OpenVPN got me interested in it. I installed OpenVPN
on the OpenWRT Linux distro on a Linksys WRT54G. After some work I was
able to get "routed" mode working. At this point the client can ping
the server machine and can connect to it. The client cannot see the
rest of the LAN though. After many hours it's getting a little
frustrating. In the docs it says that this can be solved using
"bridged" mode, which I've tried. For some reason "bridged mode"
requires SSL/TLS certificates. Created them, set them up. No go. Some
how-tos also say that it can be done in "routed" mode with more rules.
I prefer using "routed" mode with a secret key file. It seems to work
smoother at this point.

ip_forwarding is enabled on the firewall (which is also the OpenVPN
server). The server creates a tun0 rule for the VPN so I added rules:

iptables -I FORWARD -i tun0 -j ACCEPT
iptables -I FORWARD -o tun0 -j ACCEPT

Still can't ping any other machines on the LAN thru VPN. Only the server.

Any hints are well appreciated. Thx

--
Chris
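
Added example, not part of the original message: in routed mode a client only sends into the tunnel what its routing table points there, so one check for the symptom described above (server reachable, LAN not) is which interface the client would pick for a LAN address. The sketch below does a longest-prefix match over `ip route`-style text; every address, the 192.168.1.0/24 LAN and the Linux client are constructed assumptions, not values from the post.

```shell
#!/bin/sh
# Added example, not from the original message. All addresses are constructed.

# Convert a dotted-quad IPv4 address to an integer.
ip2int() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# Print the device chosen for destination $2 by longest-prefix match over
# "ip route"-style text in $1, or "none" if nothing matches.
egress_dev() {
    dst=$(ip2int "$2"); best=-1; dev=none
    while read -r net rest; do
        case $net in
            "")      continue ;;
            default) addr=0.0.0.0; len=0 ;;
            */*)     addr=${net%/*}; len=${net#*/} ;;
            *)       addr=$net; len=32 ;;
        esac
        mask=$(( (0xFFFFFFFF << (32 - len)) & 0xFFFFFFFF ))
        if [ $(( dst & mask )) -eq $(( $(ip2int "$addr") & mask )) ] &&
           [ "$len" -gt "$best" ]; then
            best=$len
            dev=$(printf '%s\n' "$rest" | sed -n 's/.*dev \([^ ]*\).*/\1/p')
        fi
    done <<EOF
$1
EOF
    echo "$dev"
}

# Constructed client routing table: tunnel up, but only the peer address
# (10.8.0.1, the OpenVPN server end) is routed through tun0.
ROUTES_BEFORE='default via 192.168.0.1 dev eth0
192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.50
10.8.0.1 dev tun0 proto kernel scope link src 10.8.0.2'
# Same table after the client gains a route for the (assumed) server LAN,
# e.g. from an OpenVPN "route 192.168.1.0 255.255.255.0" line in its config.
ROUTES_AFTER="$ROUTES_BEFORE
192.168.1.0/24 via 10.8.0.1 dev tun0"

echo "server end   -> $(egress_dev "$ROUTES_BEFORE" 10.8.0.1)"
echo "LAN, before  -> $(egress_dev "$ROUTES_BEFORE" 192.168.1.10)"
echo "LAN, after   -> $(egress_dev "$ROUTES_AFTER" 192.168.1.10)"
```

If the client route is present and LAN hosts still do not answer, the same check applies in reverse on a LAN host: its route for the tunnel addresses must point at the OpenVPN server.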


